SSRF is a type of exploit where an attacker abuses the functionality of a server causing it to access or manipulate information in the realm of that server that would otherwise not be directly accessible to the attacker.
Where to look for ??
If you got Open Redirect try escalating it to SSRF.
gf SSRF to grep parameters may vulnerable to SSRF.
SSRF's are more in API's so crawl the whole web app with burp proxy turned on and search for keywords like., eg :
Sign up with an Email like blabla.collaborator.net. If u receive HTTP req. in collaborator then its SSRF. But if there's no impact Don't Report it :) DNS and SMTP req. Doesn't matters.
Most of the sites use AWS nowadays...
AWS localhost is 169.254.169.254 so don't use 127.0.0.1 there!
If you found an SSRF vulnerability that runs on EC2, try requesting :